Search Images Maps Play YouTube News Gmail Drive More »
Sign in
Screen reader users: click this link for accessible mode. Accessible mode has the same essential features but works better with your reader.

Patents

  1. Advanced Patent Search
Publication numberUS7657616 B1
Publication typeGrant
Application numberUS 10/167,229
Publication dateFeb 2, 2010
Filing dateJun 10, 2002
Priority dateJun 10, 2002
Fee statusPaid
Publication number10167229, 167229, US 7657616 B1, US 7657616B1, US-B1-7657616, US7657616 B1, US7657616B1
InventorsRobert Poling, Richard S. Pugh
Original AssigneeQuest Software, Inc.
Export CitationBiBTeX, EndNote, RefMan
External Links: USPTO, USPTO Assignment, Espacenet
Automatic discovery of users associated with screen names
US 7657616 B1
Abstract
Automatic discovery of users associated with screen names for rogue protocols. A local server associates screen names with users, updating those associations in response to the protocol. The local server intercepts protocol messages, determines if they relate to unknown users, and obtains information associating screen names with users. Policy rules are applied to all screen names for the same user in an aggregated manner. The local server sends a request to an authorization server coupled to the local network, including the IP address for that screen name. The authorization server interrogates a registry file on the user workstation to obtain a GUID for that user, and from that GUID obtains a unique logon name for that user from the domain controller for a local network.
Images(4)
Previous page
Next page
Claims(14)
1. A computer-implemented method comprising:
intercepting a first message from a client device associated with an actual user, the first message being generated according to an instant messaging protocol, said first message being associated with a first screen name usable in conjunction with said instant messaging rogue protocol;
determining a name of the actual user, said determining comprising:
obtaining from the first message a network address of the client device;
using the network address to access user identification information stored in a registry of the client device; and
using the user identification information to request a name of the actual user from a domain controller;
storing data representing an association between the actual user name and the first screen name in computer storage;
intercepting a second message associated with the instant messaging protocol, the second message being associated with a second screen name of the actual user;
storing a second association between the actual user name and the second screen name in the computer storage; and
enforcing a policy rule based on said first and second associations, said enforcing the policy rule comprising restricting the actual user from sending or receiving a predetermined number of messages associated with the instant messaging protocol.
2. The method of claim 1, wherein said intercepting the second message comprises intercepting the second message from a second client device associated with the actual user.
3. The computer-implemented method of claim 1, wherein said intercepting the first and second messages is performed with a gateway module executing on a computing device.
4. The computer-implemented method of claim 1, wherein the user identification information comprises a globally unique identifier (GUID).
5. The computer-implemented method of claim 1, wherein said restricting comprises limiting the number of instant messages associated with any screen name of the actual user to a specified rate.
6. The computer-implemented method of claim 3, wherein the gateway module and the client device are associated with a same enterprise network.
7. The computer-implemented method of claim 6, wherein said accessing the registry of the client device is performed by an authorization server coupled to the enterprise network and in communication with the gateway module.
8. A system for enforcing policy rules against actual users of a computer network, the system comprising:
a gateway operative to receive first and second messages from at least one client device associated with an actual user, the first and second messages being generated according to an instant messaging protocol, said first message being associated with a first screen name and said second message being associated with a second screen name usable in conjunction with said instant messaging protocol;
an authorization server operative to determine a name of the actual user in response to receiving an identification request from the gateway, wherein the authorization server is operative to:
use a network address of the at least one client device to access user identification information stored on the at least one client device; and
use the user identification information to request an identity of the actual user; and
the gateway being further operative to:
store data representing an association between the actual user identity and the first and second screen names in computer storage, and
enforce a policy rule by restricting the actual user from sending or receiving a total number of instant messages associated with the instant messaging protocol within a given time period.
9. The system of claim 8, wherein the gateway executes on a computing device in communication with the authorization server over a local area network (LAN).
10. The system of claim 8, wherein the user identification information comprises a globally unique identifier (GUID).
11. The system of claim 8, further comprising a firewall device configured to redirect at least one of the first and second messages from the at least one client device to the gateway.
12. The system of claim 8, wherein the at least one client device comprises first and second client devices, wherein the first message is received from the first client device and the second message is received from the second client device.
13. The system of claim 11, wherein the firewall device further comprises one or more recognition patterns for identifying the instant message protocol of the at least one of the first and second messages from a plurality of messages received from an enterprise network.
14. A system for enforcing policy rules against actual users, the system comprising:
means for intercepting first and second messages from a client device associated with an actual user, the first and second messages being generated according to an instant messaging protocol, said first and second messages being associated with, respectively, first and second screen names usable in conjunction with said instant messaging protocol, wherein said intercepting means is executed on a computing device;
means for determining a name of the actual user for each of the first and second messages, said means for determining comprising:
means for obtaining from the message a network address of the client device;
means for using the network address to access user identification information from a registry of the client device; and
means for using the user identification information to request a name of the actual user from a domain controller;
means for storing data representing an association between the actual user name and the first and second screen names in computer storage; and
means for enforcing a policy rule in response to intercepting the first and second messages by restricting the actual user from sending or receiving an additional number of messages associated with the instant messaging protocol.
Description
BACKGROUND OF THE INVENTION

1. Field of the Invention

The invention relates to automatic discovery of users associated with screen names and other aliases, such as for example those used with rogue protocols like “Instant Message” protocols, and the like.

2. Related Art

It is sometimes desirable to apply policy rules to messages in an enterprise network. This is a particular concern when those messages relate to a protocol that might not be directed to business aspects of the enterprise network. For example, a number of protocols have arisen for recent use that individual users might apply for personal use, but which are subject to possible abuses. Some of these protocols (often called “rogue protocols” herein) include IM (instant message) protocols, P2P (peer-to-peer) and other file sharing protocols, interactive game protocols, distributed computing protocols, and “.NET” or “SOAP” methods of computer program interaction. Some of these possible abuses include accidental delivery of a computer virus to a workstation within the enterprise network, unrecorded communications between workstations within the enterprise network and outside parties, and other unauthorized user behavior on the enterprise network.

One problem that has arisen in the art of applying policy rules to protocol messages is that, even when recognized, some protocol messages associate the users sending or receiving those protocol messages with a “screen name” rather than an otherwise identifiable user name. In this context, the phrase “protocol messages” is intended to include not just individual messages, but also sequences of messages and streams of information, sent either unidirectionally or indirectly, and sent either unicast or multicast. Without being able to reliably associate protocol messages with identifiable user names, it may be possible for users to circumvent policy requirements and enforcement of those policy requirements. As a result, possible abuses of the enterprise network might become more difficult to detect and might become more common.

SUMMARY OF THE INVENTION

The invention relates to automatic discovery of actual users associated with screen names for a possible “rouge protocol” such as IM (instant messaging). A local server for the rouge protocol maintains a set of associations between screen names and actual users, automatically updating that set of associations in response to messages and sessions related to the rouge protocol. The local server intercepts messages in selected rouge protocols, determines if those messages relate to unknown users, and obtains information with which to associate the rouge protocol screen name with an actual user. In a preferred embodiment, the local server is integrated with a policy-enforcement gateway (further described in a related application), which applies policy rules to all screen names associated with the same user in an aggregated manner.

In a preferred embodiment, the local server interacts with a domain controller for a local network. When messages are received from, or destined for, individual users coupled to the local network, the local server can obtain information uniquely identifying those users without any requirement for cooperation by workstations under control of those users. To obtain information with which to associate the rouge protocol screen name with an actual user, the local server sends a request to an authorization server, which is an auxiliary device coupled to the local network; the request includes the IP address associated with the rouge protocol message to (or from) the screen name which the local server desires to associate with an actual user. The authorization server interrogates a registry file on the user workstation with that IP address to obtain a GUID (global user ID) associated with that individual user, and obtains a unique logon name for the user associated with that GUID from the domain controller for the local network. Having obtained this information, the authorization server returns information to the local server associating that screen name with a particular user name (as well as the particular IP address and GUID).

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 shows a block diagram of a system on an enterprise network including a local server capable of associating screen names with users of rogue protocols.

FIG. 2 shows a block diagram of a local server capable of associating screen names with users of rogue protocols.

FIG. 3 shows a process flow diagram of a method including associating screen names with users of rogue protocols.

INCORPORATED DISCLOSURES

Inventions described herein can be used in conjunction with technology described in the following documents:

    • U.S. patent application Ser. No. 10/167,228 Express Mail Mailing No. EL734814811US, filed Jun. 10, 2002, in the name of the following inventors, Dmitry Shapiro, Rick Pugh, and Randy Miller, entitled “Extendible Gateway for Protection against Rogue Protocols”, and U.S. Patent Application Ser. No. 60/387,761 Express Mail Mailing No. EL734814839US, filed Jun. 10, 2002, in the name of the following inventors, Randy Miller, Robert Poling, and Rick Pugh, entitled “Proxy Enforcer for Rogue Protocol Messages”, and applications claiming priority therefrom.

These documents are hereby incorporated by reference as if fully set forth herein. All other documents cited herein are also hereby incorporated by reference as if fully set forth herein. The content of incorporated documents is sometimes referred to herein as the “incorporated disclosure.”

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT

In the description herein, a preferred embodiment of the invention is described, including preferred process steps and data structures. Those skilled in the art would realize, after perusal of this application, that embodiments of the invention might be implemented using a variety of other techniques not specifically described, without undue experimentation or further invention, and that such other techniques would be within the scope and spirit of the invention.

Lexicography

The following terms relate or refer to aspects of the invention or its embodiments. The general meaning of each of these terms is intended to be illustrative and in no way limiting.

    • client, server—In general, the terms “client” and “server” refer to relationships between the client and the server, not necessarily to particular physical devices. Thus, the phrase “client device” includes any device taking on the role of a client in a client-server relationship. There is no particular requirement that client devices must be individual physical devices; they can each be a single device, a set of cooperating devices, a portion of a device, or some combination thereof. Moreover, any particular device can be considered a client with regard to a first client-server relationship and can be considered a server with regard to a second client-server relationship, even if those relationships are in fact between the same two devices. Similarly, the phrase “server device” includes any device taking on the role of a server in a client-server relationship. There is no particular requirement that server devices must be individual physical devices; they can each be a single device, a set of cooperating devices, a portion of a device, or some combination thereof. For example, but without limitation, the client device and the server device in a client-server relation can actually be the same physical device, with a first set of software elements serving to perform client functions and a second set of software elements serving to perform server functions.
    • local network, enterprise network—In general, this refers to a collection of computers isolated on one side of firewall device from an external network (such as the internet).
    • local server, remote server—In general, the phrase “local server” refers to a server coupled to the enterprise network and logically local to it, while the “remote server” refers to a server not disposed on the enterprise network but instead accessible using an external network (such as the internet). Thus, the local server intercepts rogue protocol messages originally intended for processing at the remote server, and might or might not forward those rogue protocol messages to the remote server for further processing.
    • messages, protocol messages—In general, this refers to any set of messages using a rogue protocol, not necessarily just individual messages, but also sequences of message sages and streams of information, sent either in one direction or bi-directly, and sent either unicast or multicast. For example, where the rogue protocol is a variant of IM, a protocol message might include a message delivering text from one user to another user. Alternatively, where the rogue protocol is a P2P file-sharing protocol, a protocol message might include a message delivering a file from one user to another user.
    • protocol, rogue protocol—In general, this refers to any protocol against which it is desired to protect the enterprise network from abuse, including IM (instant message) protocols, P2P (peer-to-peer) and other file sharing protocols, interactive game protocols, distributed computing protocols, and “.NET” or “SOAP” methods of computer program interaction.
    • Although the invention is described with regard to instant messaging, there is no particular requirement that protocol messages detected and screened by the invention are so limited. Moreover, there is no particular requirement that instant messaging or other protocol messages must originate outside the local network; these messages might originate inside the local network and the destined for addressees outside the local network, or might originate inside the local network and the destined for addressees also within the local network.
    • unauthorized user behavior—In general, this refers to any behavior against which it is desired to protect the enterprise network, including accidental delivery of a computer virus to a workstation within the enterprise network, unrecorded communications between workstations within the enterprise network and outside parties, and other unauthorized user behavior on the enterprise network.
    • user, user name, user workstation—In general, this refers to an individual who might use resources on the enterprise network, the unique name assigned to that individual by the enterprise network, and any workstation used by that individual to access resources on the enterprise network. There is no particular requirement that a “user” must be a specific person; for example, a user name “STUDENT” might refer to one of a set of specified individuals.

The scope and spirit of the invention is not limited to any of these definitions, or to specific examples mentioned therein, but is intended to include the most general concepts embodied by these and other terms. Other and further applications of the invention, including extensions of these terms and concepts, would be clear to those of ordinary skill in the art after perusing this application. These other and further applications are part of the scope and spirit of the invention, and would be clear to those of ordinary skill in the art, without further invention or undue experimentation.

System Elements

FIG. 1 shows a block diagram of a system on an enterprise network including a local server capable of associating screen names with users of rogue protocols.

A system 100 includes an enterprise network 110 coupled either to a firewall device 120 or proxy server (not shown, but known by those skilled in the art), which are in turn coupled to an external network 130. Also coupled to the enterprise network 110 are a gateway 140, a domain controller 150, and authorization server 160, and at least one local client device 170. Also coupled to the external network 130 are (possibly) remote client devices 170, and a remote server 180.

As described herein, the enterprise network 110 includes one or more internal networks such as a LAN (local area network), WAN (wide area network), locally switched network or public switched network, some other communication technique, or some combination thereof, by which devices locally coupled to be enterprise network 110 might communicate with each other. Although an embodiment of the invention is described herein with regard to the enterprise network 110 including a LAN, there is no particular requirement that the enterprise network 110 must be disposed on a LAN, or in any other particular network configuration.

The firewall device 120 includes a conventional device for recognizing and intercepting messages formatted at selected levels of the OSI layered protocol model, and meeting selected filtering criteria by which the firewall device 120 might determine whether those messages carry information center to be received in a rogue protocol format. The firewall device 120 includes memory 121 having stored therein a set of recognition patterns 122 (sometimes called an “inspect script”) selected by an administrator of that firewall device 120. The recognition patterns 122 include information sufficient to describe to the firewall device 120 which messages are disposed in the rogue protocol format.

Messages are directed to the gateway 140 using either a proxy server or the firewall device 120. The firewall device 120 redirects (in response to the recognition patterns 122) at least some of the messages it processes to the gateway 140. In a preferred embodiment, those messages are redirected using a conventional “CVP” technique, in which, after processing the message and determining that it should be further processed by the gateway 140, the firewall device 120 delivers that message to the gateway 140.

In a preferred embodiment, the external network 130 includes an internet. However, in alternative embodiments the external network 130 might include an internet, extranet, virtual private network, LAN, WAN, locally switched network or public switched network, some other communication technique, or some combination thereof. Although an embodiment of the invention is described herein with regard to the external network 130 including an internet, there is no particular requirement that the external network 130 must be disposed in any particular configuration.

The gateway 140 is further described in the incorporated disclosure. The gateway 140 includes a local server 141, an authentication module 142, and a policy enforcement module 143, as further described below. The local server 141 includes a user database 144, which maintains an association between actual users, their unique user names, and screen names used by those users with the rogue protocol.

The domain controller 150 is coupled to the enterprise network 110, and is capable of access to registry information at client devices 170. In a preferred embodiment, security restrictions limit the set of devices capable of access to registry information at client devices 170 to just the domain controller 150; however, there is no particular requirement for the invention to have this restriction. In alternative embodiments, the authorization server 160 or the gateway 140 might have direct access to registry information at client devices 170.

The authorization server 160 is coupled to the enterprise network 110, and is capable of interacting with the domain controller 150 to obtain registry information at client devices 170. In a preferred embodiment, security restrictions limit the set of devices capable of such interaction with the domain controller 150 to only devices selected by a network administrator for the enterprise network 110, and the authorization server 160 is selected as one of these devices. However, there is no particular requirement for the invention to have this restriction. In alternative embodiments, the gateway 140 might have this capability directly.

The client devices 170 include both local client devices 170 and remote client devices 170. Each client device 170 (or as sometimes referred to herein, user workstation) is associated with a user 171, who has a unique user name. The local client devices are coupled to the enterprise network 110, and are disposed for sending and receiving messages using a rogue protocol, either directly to the local server 141, or originally destined for the remote server 180 but intercepted by the gateway 140 and initially processed by the local server 141. The remote client devices 170 are coupled to the external network 130, and are disposed for sending and receiving messages using a rogue protocol, as further described herein, generally directly to the remote server 180.

The remote server 180 is coupled to the external network 130, and is disposed for sending and receiving messages using the rogue protocol, to and from client devices 170. For example, where the rogue protocol is an IM protocol, the remote server 180 is disposed for receiving IM messages from a sending client device 170 and sending those IM messages to a receiving client device 170.

Local Server Elements

FIG. 2 shows a block diagram of a local server capable of associating screen names with users of rogue protocols.

As described above, the gateway 140 (further described in the incorporated disclosure) includes a local server 141, an authentication module 142, and a policy enforcement module 143. The local server 141 includes a user database 144, which maintains an association between actual users, their unique user names, and screen names used by those users with the rogue protocol.

The gateway 140 includes a session manager 145, capable of receiving rogue protocol messages 201 when they are intercepted from client devices 170. The session manager 145 includes software elements capable of parsing the rogue protocol message, and determining the type of rogue protocol and its associated local server 141. Though skilled in the art will recognize, after perusal of this application, that the gateway 140 might include a plurality of local servers 141, each adapted for processing of a different type of rogue protocol.

The session manager 145 includes software elements capable of sending the original rogue protocol message, or information equivalent thereto, to the local server 141. The local server 141 includes software elements capable of generating a new-session event 202, indicating the receipt of a rogue protocol message.

The session manager 145 includes software elements capable of distributing the new-session event 202 to one or more other software elements within the gateway 140. Such other software elements include the authentication module 142.

The authentication module 142 includes software elements capable of receiving the new-session event 202, and disposed for acting thereon. The authentication module 142 includes software elements capable of sending a name-request message 203 to the authorization server 160, and for receiving a name-response message 204 from the authorization server 160. As further described below with regard to FIG. 3, the name-request message 203 sent by the authentication module 142 to the authorization server 160 includes at least an IP address for the client device 170 sending the original rogue protocol message 201. As also further described below with regard FIG. 3, the name-response message 204 sent by the authorization server 160 to the authentication module 142 includes at least a unique user name associated with the client device 170 sending the original rogue protocol message 201, and therefore associated with any screen name included in the original rogue protocol message 201.

The authentication module 142 includes software elements capable of interacting with the session manager 145 for determining if the session associated with the new-session event 202 (and therefore associated with the original rogue protocol message 201) still exists after receiving the name-response message 204 from the authorization server 160.

The authorization module 142 interacts with the user database 144 so as to store any new association between actual user and one or more screen names. The authorization module 142 also includes software elements capable of interacting with session manager 145 for updating a session object associated with the original new-session event 202 (and therefore associated with the original rogue protocol message 201), so as to indicate the actual user (and the unique user name associated with actual user) for which that session applies.

The session manager 145 includes software elements capable of interacting with the policy enforcement module 143, so as to determine whether to allow the original rogue protocol message 201 to be forwarded to its originally intended destination 170.

The session manager 145 includes software elements capable of forwarding the original rogue protocol message 201 (or a reconstituted or altered version thereof) to the originally intended destination client device 170. As described in the incorporated disclosure, a first version of the rogue protocol used by the sending client device 170 and a second version of the rogue protocol used by the receiving client device 170 need not be identical. Thus for example, the sending client device 170 might use a first rogue protocol and therefore a first local server 141, while the receiving client device 170 might use a second rogue protocol and therefore a second local server 141.

Method of Operation

FIG. 3 shows a process flow diagram of a method including associating screen names with users of rogue protocols.

Although described serially, the flow points and steps of the method 300 can be performed by separate elements in conjunction or in parallel, whether asynchronously or synchronously, in a pipelined manner, or otherwise. There is no particular requirement that the method 300 must be performed in the same order in which this description lists flow points or steps, except where explicitly so indicated.

At a flow point 310, the gateway 140 is ready to receive a rogue protocol message.

At a step 311, the gateway 140 parses the message, and determines with which rogue protocol the message is associated.

At a step 312, the gateway 140 forwards the message to the local server 141 (and its protocol adapter, as further described in the incorporated disclosure) associated with the rogue protocol determined in the step just previous.

At a step 313, the gateway 140 determines whether the user sending the message is a local user (that is, coupled to the enterprise network 110) or a remote user (that is, coupled to the external network 130). If the sending user is a local user, the method 300 proceeds with the step 314. If the sending user is a remote user, the method 300 proceeds with the step 316.

At a step 314, the local server 141 within the gateway 140 generates a “new session” event in response to the message.

At a step 315, the local server 141 within the gateway 140 determines if the user sending the message is known to the local server 141 (that is, if the screen name associated with the user sending the message is present in the user database 144 maintained by the local server 141). If the user sending a message is known to the local server 141, then the method concludes at the flow point 330. If the user sending the message is not known to the local server 141, the method proceeds with the next step 316.

At a step 316, the local server 141 within the gateway 140 creates a “guest” session (that is, a new session with a new user initiating the session of “guest”).

At a step 317, the local server 141 within the gateway 140 sends a message to the authorization server 160, requesting the authorization server 160 to obtain a unique user name associated with a screen name for the message. The message from the local server 141 to the authorization server 160 includes an IP address associated with the sender of the original rogue protocol message.

At a step 318, the authorization server 160 identifies the client device 170 having the IP address sent to it by the local server 141, and interrogates the registry at that client device 170 to determine a GUID (global user ID) for the user associated with that IP address.

Because the authorization server 160 directly interrogates the registry at the client device 170, the local server 141 at the gateway 140 is able to obtain information uniquely identifying users without any requirement for cooperation by those users, and without any requirement for cooperation by workstations under control of those users. In cases where an individual user using an IM rogue protocol might have a plurality of screen names; the local server 141 at the gateway 140 is able to associate all of those screen names in that plurality with the same unique user.

At a step 319, the authorization server 160 requests, from the domain controller 150, a unique user name associated with the GUID obtained in the previous step. The domain controller 150 responds by sending, to the authorization server 160, that unique user name.

At a step 320, the authorization server 160 sends the unique user name obtained in the previous step to the local server 141 at the gateway 140.

At a step 321, the local server 141 at the gateway 140 checks the session associated with the original rogue protocol message to determine if the session is still in progress. If the session is not still in progress (that is for example, the session was dropped by the sender of the original rogue protocol message), the method 300 concludes at the flow point 330. If the session is still in progress, the method continues with the next step 322.

At a step 322, the local server 141 at the gateway 140 records the unique user name, and its association with the screen name from the original rogue protocol message, in the user database 144 at the gateway 140.

At a step 323, the local server 141 at the gateway 140 records the unique user name with the session associated with the original rogue protocol message.

At a flow point 330, the local server 141 at the gateway 140 has determined the unique user name associated with the screen name from the original rogue protocol message. The gateway 140 is ready to further process that rogue protocol message, such as by applying policy rules for that user and that rogue protocol message.

In a preferred embodiment, the gateway 140 is adapted to aggregate its treatment of rogue protocol message with actual users, regardless of the screen names those actual users select for their rogue protocol communications. Thus, if an individual user has two separate screen names (say, “swemofsky31415926” and “swemofsky27181828”), the gateway 140 is still capable of enforcing policy rules with regard to the actual user, notwithstanding that user's separation of his rogue protocol messages into two separate screen names. For example, if a particular policy rule restricts users from sending or receiving more than 100 IM messages each hour, the gateway 140 would be capable of restricting that individual actual user, operating under any one or more screen names, from sending or receiving more than 100 IM messages each hour for all screen names combined.

The method 300 is repeated for each rogue protocol message (or at least for those rogue protocol messages initiating sessions) received by the gateway 140.

Alternative Embodiments

    • Although preferred embodiments are disclosed herein, many variations are possible which remain within the concept, scope, and spirit of the invention. These variations would become clear to those skilled in the art after perusal of this application.

Those skilled in the art will recognize, after perusal of this application, that these alternative embodiments are illustrative and in no way limiting.

Patent Citations
Cited PatentFiling datePublication dateApplicantTitle
US4425618Nov 23, 1981Jan 10, 1984Bell Telephone Laboratories, IncorporatedMethod and apparatus for introducing program changes in program-controlled systems
US5161192Nov 7, 1990Nov 3, 19923Com Technologies, Ltd.Repeaters for secure local area networks
US5249292Mar 10, 1992Sep 28, 1993Chiappa J NoelData packet switch using a primary processing unit to designate one of a plurality of data stream control circuits to selectively handle the header processing of incoming packets in one data packet stream
US5339430Jul 1, 1992Aug 16, 1994Telefonaktiebolaget L M EricssonSystem for dynamic run-time binding of software modules in a computer system
US5421017Jan 14, 1994May 30, 1995Siemens AktiengesellschaftReal time control system and method for replacing software in a controlled system
US5761415Dec 15, 1995Jun 2, 1998Banyan Systems, Inc.Maintaining distribution lists in a naming service with information for routing messages to users in a network and to remote users
US5907678May 7, 1997May 25, 1999International Business Machines CorporationClient/server system in which protocol caches for multiple sessions are selectively copied into a common checkpoint cache upon receiving a checkpoint request
US5968176May 29, 1997Oct 19, 19993Com CorporationMultilayer firewall system
US5983270Apr 2, 1997Nov 9, 1999Sequel Technology CorporationMethod and apparatus for managing internetwork and intranetwork activity
US6081900Mar 16, 1999Jun 27, 2000Novell, Inc.Secure intranet access
US6128298Apr 24, 1997Oct 3, 2000Nortel Networks CorporationInternet protocol filter
US6154775Sep 12, 1997Nov 28, 2000Lucent Technologies Inc.Methods and apparatus for a computer network firewall with dynamic rule processing with the ability to dynamically alter the operations of rules
US6226372Dec 8, 1999May 1, 2001Securelogix CorporationTightly integrated cooperative telecommunications firewall and scanner with distributed capabilities
US6312337Sep 27, 2000Nov 6, 2001Sony CorporationOnline digital photography game system
US6317837Sep 1, 1998Nov 13, 2001Applianceware, LlcInternal network node with dedicated firewall
US6321337Sep 9, 1998Nov 20, 2001Sanctum Ltd.Method and system for protecting operations of trusted internal networks
US6334215May 5, 1999Dec 25, 2001International Business Machines CorporationMethodology for migration of legacy applications to new product architectures
US6415318Apr 5, 1999Jul 2, 2002Microsoft CorporationInter-enterprise messaging system using bridgehead servers
US6513013Apr 17, 2000Jan 28, 2003Dimitri StephanouSystem and method for providing expert referral over a network with real time interaction with customers
US6513122Jun 29, 2001Jan 28, 2003Networks Associates Technology, Inc.Secure gateway for analyzing textual content to identify a harmful impact on computer systems with known vulnerabilities
US6519703Apr 14, 2000Feb 11, 2003James B. JoyceMethods and apparatus for heuristic firewall
US6557037May 29, 1998Apr 29, 2003Sun MicrosystemsSystem and method for easing communications between devices connected respectively to public networks such as the internet and to private networks by facilitating resolution of human-readable addresses
US6600726Nov 12, 1999Jul 29, 2003Mobilian CorporationMultiple wireless communication protocol methods and apparatuses
US6631363Oct 10, 2000Oct 7, 2003I2 Technologies Us, Inc.Rules-based notification system
US6683954Oct 23, 1999Jan 27, 2004Lockstream CorporationKey encryption using a client-unique additional key for fraud prevention
US6715084Mar 26, 2002Mar 30, 2004Bellsouth Intellectual Property CorporationFirewall system and method via feedback from broad-scope monitoring for intrusion detection
US6721890May 4, 1999Apr 13, 2004Microsoft CorporationApplication specific distributed firewall
US6751562 *Mar 22, 2001Jun 15, 2004Power Measurement Ltd.Communications architecture for intelligent electronic devices
US6757732 *Mar 16, 2000Jun 29, 2004Nortel Networks LimitedText-based communications over a data network
US6775284Jan 7, 2000Aug 10, 2004International Business Machines CorporationMethod and system for frame and protocol classification
US6781990Feb 11, 2002Aug 24, 2004Extreme NetworksMethod and system for managing traffic in a packet network environment
US6853851Mar 18, 1999Feb 8, 2005Nokia Mobile Phones LimitedDual mode terminal for accessing a cellular network directly or via a wireless intranet
US6873988Jul 9, 2002Mar 29, 2005Check Point Software Technologies, Inc.System and methods providing anti-virus cooperative enforcement
US6941349Jun 11, 2002Sep 6, 2005Research In Motion LimitedSystem and method for pushing calendar event messages from a host system to a mobile data communication device
US6944555Jun 29, 2001Sep 13, 2005Power Measurement Ltd.Communications architecture for intelligent electronic devices
US6963858Dec 11, 2002Nov 8, 2005Contentguard Holdings, Inc.Method and apparatus for assigning consequential rights to documents and documents having such rights
US6983370Nov 27, 2001Jan 3, 2006Motorola, Inc.System for providing continuity between messaging clients and method therefor
US7013326Sep 27, 2000Mar 14, 2006Fujitsu LimitedChat system, dummy client system for chat system, and computer readable medium storing dummy client program
US7068769 *Sep 4, 2001Jun 27, 2006Sprint Spectrum L.P.Method and system for communication processing based on physical presence
US7076650Dec 24, 1999Jul 11, 2006Mcafee, Inc.System and method for selective communication scanning at a firewall and a network node
US7111044Nov 12, 2002Sep 19, 2006Fastmobile, Inc.Method and system for displaying group chat sessions on wireless mobile terminals
US7131003Feb 20, 2003Oct 31, 2006America Online, Inc.Secure instant messaging system
US7143439Jun 8, 2001Nov 28, 2006Security, Inc.Efficient evaluation of rules
US7159109Nov 7, 2001Jan 2, 2007Intel CorporationMethod and apparatus to manage address translation for secure connections
US7191213Oct 25, 2000Mar 13, 2007Avaya Technology Corp.Instant message notification application
US7200634May 2, 2001Apr 3, 2007Chikka Pte Ltd.Instant messaging account system
US7209957Sep 15, 2003Apr 24, 2007Sbc Knowledge Ventures, L.P.Downloadable control policies for instant messaging usage
US7225226Sep 27, 2002May 29, 2007International Business Machines CorporationChat messaging channel redirection
US7248978Feb 2, 2005Jul 24, 2007Power Measurement Ltd.System and method for routing power management data via XML firewall
US7266585Sep 14, 2005Sep 4, 2007Colloquis, Inc.Method and system for using screen names to customize interactive agents
US7266594Nov 7, 2001Sep 4, 2007Microsoft CorporationMethod and system for configuring a computer for real-time communication
US7284034Jul 11, 2002Oct 16, 2007International Business Machines CorporationTransparent combination of instant message protocols
US7302574Jun 21, 2001Nov 27, 2007Digimarc CorporationContent identifiers triggering corresponding responses through collaborative processing
US7321969Apr 26, 2002Jan 22, 2008Entrust LimitedSecure instant messaging system using instant messaging group policy certificates
US7401054Mar 4, 2002Jul 15, 2008Accenture GmbhContent bank for objects
US7401158Nov 5, 2002Jul 15, 2008Oracle International CorporationApparatus and method for instant messaging collaboration
US7412490Jan 18, 2005Aug 12, 2008International Business Machines CorporationRouting instant messages using configurable, pluggable delivery managers
US7428590Jun 10, 2003Sep 23, 2008Akonix Systems, Inc.Systems and methods for reflecting messages associated with a target protocol within a network
US7437442Nov 18, 2002Oct 14, 2008Mitsubishi Denki Kabushiki KaishaNetwork data transfer method
US7483982Sep 13, 2005Jan 27, 2009Websense, Inc.Filtering techniques for managing access to internet sites or other software applications
US20020064149Jun 14, 2001May 30, 2002Elliott Isaac K.System and method for providing requested quality of service in a hybrid network
US20020103931Jan 26, 2001Aug 1, 2002Mott Charles J.Virtual private networking using domain name service proxy
US20020116643Sep 14, 2001Aug 22, 2002Gil RaananMethod and system for extracting application protocol characteristics
US20020129088Feb 15, 2002Sep 12, 2002Pei-Yuan ZhouContent-based billing
US20020141378Mar 28, 2001Oct 3, 2002Bays Robert JamesMethods, apparatuses and systems facilitating deployment, support and configuration of network routing policies
US20020178227 *May 25, 2001Nov 28, 2002International Business Machines CorporationRouting instant messages using configurable, pluggable delivery managers
US20020178231Jul 11, 2002Nov 28, 2002International Business Machines CorporationTransparent combination of instant message protocols
US20020184357 *Jan 22, 2002Dec 5, 2002Traversat Bernard A.Rendezvous for locating peer-to-peer resources
US20020188657 *Jan 22, 2002Dec 12, 2002Traversat Bernard A.Resource identifiers for a peer-to-peer environment
US20020198949Mar 28, 2002Dec 26, 2002Square Co., Ltd.Terminal device, information viewing method, information viewing method of information server system, and recording medium
US20030018726 *Apr 29, 2002Jan 23, 2003Low Sydney GordonInstant messaging
US20030055982Nov 27, 2001Mar 20, 2003Fujitsu Limited Of Kawasaki, JapanCommunications control method, relaying method and relaying device
US20030055994Jul 9, 2002Mar 20, 2003Zone Labs, Inc.System and methods providing anti-virus cooperative enforcement
US20030074410Aug 23, 2002Apr 17, 2003Active Buddy, Inc.Method and system for using screen names to customize interactive agents
US20030101343Nov 27, 2001May 29, 2003Eaton Eric ThomasSystem for providing continuity between messaging clients and method therefor
US20030131061Nov 27, 2002Jul 10, 2003Active Buddy, Inc.Transparent proxy server for instant messaging system and methods
US20030145226Jan 28, 2002Jul 31, 2003International Business Machines CorporationIntegrated intrusion detection services
US20030154399Feb 8, 2002Aug 14, 2003Nir ZukMulti-method gateway-based network security systems and methods
US20030204722Apr 26, 2002Oct 30, 2003Isadore SchoenInstant messaging apparatus and method with instant messaging secure policy certificates
US20030204741Apr 26, 2002Oct 30, 2003Isadore SchoenSecure PKI proxy and method for instant messaging clients
US20030208545May 1, 2002Nov 6, 2003Eaton Eric ThomasInstant message communication system for providing notification of one or more events and method therefor
US20040039827Apr 8, 2003Feb 26, 2004Neoteris, Inc.Method and system for providing secure access to private networks with client redirection
US20040088423Jun 10, 2003May 6, 2004Akonix Systems, Inc.Systems and methods for authentication of target protocol screen names
US20040103318Jun 10, 2003May 27, 2004Akonix Systems, Inc.Systems and methods for implementing protocol enforcement rules
US20040109518Jun 10, 2003Jun 10, 2004Akonix Systems, Inc.Systems and methods for a protocol gateway
US20040111623Jun 10, 2003Jun 10, 2004Akonix Systems, Inc.Systems and methods for detecting user presence
US20040117501Dec 12, 2002Jun 17, 2004International Business Machines CorporationApparatus and method for correction of textual information based on locale of the recipient
US20040162724Feb 11, 2003Aug 19, 2004Jeffrey HillManagement of conversations
US20040230684Feb 17, 2004Nov 18, 2004Brent SmolinskiContext sensitive transfer
US20040254998Jun 30, 2004Dec 16, 2004Microsoft CorporationWhen-free messaging
US20050149630Jun 28, 2004Jul 7, 2005Brent SmolinskiContext sensitive transfer with active listening and active alerts
US20060031365Sep 14, 2005Feb 9, 2006Timothy KayMethod and system for using screen names to customize interactive agents
US20060064469Sep 23, 2004Mar 23, 2006Cisco Technology, Inc.System and method for URL filtering in a firewall
US20070112957Nov 3, 2006May 17, 2007Akonix Systems, Inc.Systems and Methods for Remote Rogue Protocol Enforcement
US20070124577Dec 6, 2005May 31, 2007AkonixSystems and methods for implementing protocol enforcement rules
US20080196099Jan 4, 2008Aug 14, 2008Akonix Systems, Inc.Systems and methods for detecting and blocking malicious content in instant messages
US20080256257Oct 9, 2007Oct 16, 2008Akonix Systems, Inc.Systems and methods for reflecting messages associated with a target protocol within a network
DE19810802A1Mar 12, 1998Sep 16, 1999Ericsson Telefon Ab L MSoftware processing device with software actualization function
Non-Patent Citations
Reference
1FreeNews.com. "Akonix Launches First Instant Messaging Security Solution for Remote Users; L7 Remote User Agent Ensures I'm Use by Mobile Employees Meets Corporate Compliance and Security Needs"[online] Oct. 11, 2005[retrieved on Aug. 12, 2007] Retrieved from the Internet -27348.html?Akonix>.
2FreeNews.com. "Akonix Launches First Instant Messaging Security Solution for Remote Users; L7 Remote User Agent Ensures I'm Use by Mobile Employees Meets Corporate Compliance and Security Needs"[online] Oct. 11, 2005[retrieved on Aug. 12, 2007] Retrieved from the Internet <URL: http://www.freshnews.com/news/computers-internet/article—27348.html?Akonix>.
3International Search Report for related PCT International Application No. PCT/U504/029848, dated Nov. 17, 2008.
4International Search Report for related PCT International Application No. PCT/U504/04837, filed Feb. 14, 2004 dated Oct. 2, 2007.
5International Search Report for related PCT International Application No. PCT/U505/44089, dated Jan. 17, 2007.
6International Search Report for related PCT International Application No. PCT/US03/18311, filed Jun. 10, 2003.
7International Search Report for related PCT International Application No. PCT/US06/60526, dated Mar. 27, 2008.
8Jan. 6, 2009 Final Office Action and Response to Jan. 6, 2009 Office Action (mailed May 6, 2009) in co-pending U.S. Appl. No. 10/459,421, filed Jun. 10, 2003.
9Response to Dec. 23, 2008 Office Action (mailed Apr. 23, 2009) and Jun. 29, 2009 Notice of Allowance in co-pending U.S. Appl. No. 10/459,408, filed Jun. 10, 2003.
Referenced by
Citing PatentFiling datePublication dateApplicantTitle
US7818565Jun 10, 2003Oct 19, 2010Quest Software, Inc.Systems and methods for implementing protocol enforcement rules
US7912899 *Nov 5, 2002Mar 22, 2011Oracle International CorporationMethod for selectively sending a notification to an instant messaging device
US20130060862 *Sep 1, 2011Mar 7, 2013Sony CorporationEnabling Wireless Device Communication
Classifications
U.S. Classification709/223
International ClassificationG06F15/173
Cooperative ClassificationH04L51/18, H04L51/12, H04L63/02, H04L51/04
European ClassificationH04L12/58F, H04L12/58B, H04L63/02, H04L51/04, H04L51/12
Legal Events
DateCodeEventDescription
Jan 2, 2014ASAssignment
Owner name: BANK OF AMERICA, N.A., AS ADMINISTRATIVE AGENT, TE
Effective date: 20131029
Free format text: PATENT SECURITY AGREEMENT (ABL);ASSIGNORS:DELL INC.;APPASSURE SOFTWARE, INC.;ASAP SOFTWARE EXPRESS,INC.;AND OTHERS;REEL/FRAME:031898/0001
Owner name: BANK OF NEW YORK MELLON TRUST COMPANY, N.A., AS FI
Free format text: PATENT SECURITY AGREEMENT (NOTES);ASSIGNORS:APPASSURE SOFTWARE, INC.;ASAP SOFTWARE EXPRESS, INC.;BOOMI, INC.;AND OTHERS;REEL/FRAME:031897/0348
Owner name: BANK OF AMERICA, N.A., AS COLLATERAL AGENT, NORTH
Free format text: PATENT SECURITY AGREEMENT (TERM LOAN);ASSIGNORS:DELL INC.;APPASSURE SOFTWARE, INC.;ASAP SOFTWARE EXPRESS, INC.;AND OTHERS;REEL/FRAME:031899/0261
Sep 20, 2013ASAssignment
Owner name: AKONIX SYSTEMS, INC., CALIFORNIA
Free format text: RELEASE BY SECURED PARTY;ASSIGNORS:MENLO VENTURES IX, L.P.;MENLO ENTREPRENEURS FUND IX, L.P.;MENLO ENTREPRENEURS FUND IX(A), L.P.;AND OTHERS;REEL/FRAME:031247/0495
Effective date: 20130719
Aug 20, 2013ASAssignment
Owner name: DELL SOFTWARE INC., CALIFORNIA
Free format text: CHANGE OF NAME;ASSIGNOR:QUEST SOFTWARE, INC.;REEL/FRAME:031043/0281
Effective date: 20130701
Apr 25, 2013ASAssignment
Effective date: 20130422
Owner name: AKONIX SYSTEMS, INC., CALIFORNIA
Free format text: RELEASE OF SECURITY INTEREST;ASSIGNOR:TRIPLEPOINT CAPITAL LLC;REEL/FRAME:030294/0277
Mar 7, 2013FPAYFee payment
Year of fee payment: 4
Sep 28, 2012ASAssignment
Free format text: RELEASE OF SECURITY INTEREST IN PATENT COLLATERAL;ASSIGNOR:WELLS FARGO CAPITAL FINANCE, LLC (FORMERLY KNOWN AS WELLS FARGO FOOTHILL, LLC);REEL/FRAME:029050/0679
Owner name: SCRIPTLOGIC CORPORATION, FLORIDA
Effective date: 20120927
Owner name: VIZIONCORE, INC., ILLINOIS
Owner name: NETPRO COMPUTING, INC., CALIFORNIA
Owner name: QUEST SOFTWARE, INC., CALIFORNIA
Owner name: AELITA SOFTWARE CORPORATION, CALIFORNIA
Dec 28, 2010CCCertificate of correction
Feb 18, 2009ASAssignment
Owner name: WELLS FARGO FOOTHILL, LLC,CALIFORNIA
Free format text: PATENT SECURITY AGREEMENT;ASSIGNORS:QUEST SOFTWARE, INC.;AELITA SOFTWARE CORPORATION;SCRIPTLOGIC CORPORATION AND OTHERS;US-ASSIGNMENT DATABASE UPDATED:20100203;REEL/FRAME:22277/91
Effective date: 20090217
Free format text: PATENT SECURITY AGREEMENT;ASSIGNORS:QUEST SOFTWARE, INC.;AELITA SOFTWARE CORPORATION;SCRIPTLOGIC CORPORATION AND OTHERS;US-ASSIGNMENT DATABASE UPDATED:20100216;REEL/FRAME:22277/91
Free format text: PATENT SECURITY AGREEMENT;ASSIGNORS:QUEST SOFTWARE, INC.;AELITA SOFTWARE CORPORATION;SCRIPTLOGIC CORPORATION AND OTHERS;US-ASSIGNMENT DATABASE UPDATED:20100225;REEL/FRAME:22277/91
Free format text: PATENT SECURITY AGREEMENT;ASSIGNORS:QUEST SOFTWARE, INC.;AELITA SOFTWARE CORPORATION;SCRIPTLOGIC CORPORATION AND OTHERS;US-ASSIGNMENT DATABASE UPDATED:20100427;REEL/FRAME:22277/91
Free format text: PATENT SECURITY AGREEMENT;ASSIGNORS:QUEST SOFTWARE, INC.;AELITA SOFTWARE CORPORATION;SCRIPTLOGIC CORPORATION AND OTHERS;REEL/FRAME:22277/91
Free format text: PATENT SECURITY AGREEMENT;ASSIGNORS:QUEST SOFTWARE, INC.;AELITA SOFTWARE CORPORATION;SCRIPTLOGIC CORPORATION;AND OTHERS;REEL/FRAME:022277/0091
Owner name: WELLS FARGO FOOTHILL, LLC, CALIFORNIA
Dec 17, 2008ASAssignment
Owner name: QUEST SOFTWARE, INC.,CALIFORNIA
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:AKONIX SYSTEMS, INC.;US-ASSIGNMENT DATABASE UPDATED:20100203;REEL/FRAME:22000/781
Effective date: 20080813
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:AKONIX SYSTEMS, INC.;US-ASSIGNMENT DATABASE UPDATED:20100216;REEL/FRAME:22000/781
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:AKONIX SYSTEMS, INC.;US-ASSIGNMENT DATABASE UPDATED:20100225;REEL/FRAME:22000/781
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:AKONIX SYSTEMS, INC.;US-ASSIGNMENT DATABASE UPDATED:20100427;REEL/FRAME:22000/781
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:AKONIX SYSTEMS, INC.;REEL/FRAME:22000/781
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:AKONIX SYSTEMS, INC.;REEL/FRAME:022000/0781
Owner name: QUEST SOFTWARE, INC., CALIFORNIA
May 13, 2008ASAssignment
Owner name: FIRST PLAZA GROUP TRUST, SOLELY FOR THE BENEFIT OF
Free format text: SECURITY AGREEMENT;ASSIGNOR:AKONIX SYSTEMS, INC.;US-ASSIGNMENT DATABASE UPDATED:20100203;REEL/FRAME:20940/518
Effective date: 20080307
Owner name: GC&H INVESTMENTS, LLC,CALIFORNIA
Owner name: MENLO ENTREPRENEURS FUND IX(A), L.P.,CALIFORNIA
Owner name: MENLO ENTREPRENEURS FUND IX, L.P.,CALIFORNIA
Owner name: MENLO VENTURES IX, L.P.,CALIFORNIA
Owner name: MISSION VENTURES AFFILIATES II, L.P.,CALIFORNIA
Effective date: 20080307
Owner name: MISSION VENTURES II, L.P.,CALIFORNIA
Owner name: MMEF IX, L.P.,CALIFORNIA
Owner name: PALOMAR VENTURES II, L.P.,CALIFORNIA
Owner name: PERFORMANCE DIRECT INVESTMENTS I, L.P.,CONNECTICUT
Owner name: WINDWARD VENTURES 2000, L.P.,CALIFORNIA
Owner name: WINDWARD VENTURES 2000-A, L.P.,CALIFORNIA
Effective date: 20080307
Free format text: SECURITY AGREEMENT;ASSIGNOR:AKONIX SYSTEMS, INC.;US-ASSIGNMENT DATABASE UPDATED:20100216;REEL/FRAME:20940/518
Free format text: SECURITY AGREEMENT;ASSIGNOR:AKONIX SYSTEMS, INC.;US-ASSIGNMENT DATABASE UPDATED:20100225;REEL/FRAME:20940/518
Free format text: SECURITY AGREEMENT;ASSIGNOR:AKONIX SYSTEMS, INC.;US-ASSIGNMENT DATABASE UPDATED:20100427;REEL/FRAME:20940/518
Free format text: SECURITY AGREEMENT;ASSIGNOR:AKONIX SYSTEMS, INC.;REEL/FRAME:20940/518
Free format text: SECURITY AGREEMENT;ASSIGNOR:AKONIX SYSTEMS, INC.;REEL/FRAME:020940/0518
Owner name: PERFORMANCE DIRECT INVESTMENTS I, L.P., CONNECTICU
Owner name: WINDWARD VENTURES 2000, L.P., CALIFORNIA
Owner name: MENLO ENTREPRENEURS FUND IX(A), L.P., CALIFORNIA
Owner name: MMEF IX, L.P., CALIFORNIA
Owner name: WINDWARD VENTURES 2000-A, L.P., CALIFORNIA
Owner name: GC&H INVESTMENTS, LLC, CALIFORNIA
Owner name: MENLO ENTREPRENEURS FUND IX, L.P., CALIFORNIA
Owner name: MISSION VENTURES II, L.P., CALIFORNIA
Owner name: MENLO VENTURES IX, L.P., CALIFORNIA
Owner name: MISSION VENTURES AFFILIATES II, L.P., CALIFORNIA
Owner name: PALOMAR VENTURES II, L.P., CALIFORNIA
Apr 19, 2006ASAssignment
Owner name: TRIPLEPOINT CAPITAL LLC,CALIFORNIA
Free format text: SECURITY AGREEMENT;ASSIGNOR:AKONIX SYSTEMS, INC.;US-ASSIGNMENT DATABASE UPDATED:20100203;REEL/FRAME:17496/602
Effective date: 20060407
Free format text: SECURITY AGREEMENT;ASSIGNOR:AKONIX SYSTEMS, INC.;US-ASSIGNMENT DATABASE UPDATED:20100216;REEL/FRAME:17496/602
Free format text: SECURITY AGREEMENT;ASSIGNOR:AKONIX SYSTEMS, INC.;US-ASSIGNMENT DATABASE UPDATED:20100427;REEL/FRAME:17496/602
Free format text: SECURITY AGREEMENT;ASSIGNOR:AKONIX SYSTEMS, INC.;REEL/FRAME:017496/0602
Owner name: TRIPLEPOINT CAPITAL LLC, CALIFORNIA
Sep 11, 2002ASAssignment
Owner name: AKONIX SYSTEMS, INC.,CALIFORNIA
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:POLING, ROBERT;PUGH, RICHARD S.;US-ASSIGNMENT DATABASE UPDATED:20100203;REEL/FRAME:13082/307
Effective date: 20020905
Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:POLING, ROBERT;PUGH, RICHARD S.;REEL/FRAME:013082/0307